Apple vs the FBI
- Thread starter somdfunguy
- Start date
I'd venture to say they broke into it. Now Apple and all the others have to rethink their strategy. IMHO, nothing out there, nothing, is immune in the computer world to being hacked or broken into. There is always somebody that is as smart, or smarter, than you. Just don't leave anything behind that may not look so bad against you. If you have secrets, better pass them on in person.
Tilted
..
I have little doubt that the way some have suggested that Cellebrite would be able, with considerable effort and physical possession of the phone, to make the information on that iPhone accessible could work. As you suggest, nothing is for certain inaccessible. (Even if something would turn out to be inaccessible for practical purposes, you couldn't really know that it would be - you can't anticipate every possible extraordinary effort someone might be able to come up with).
But that doesn't mean that Apple and others have to rethink their strategy. The security mechanisms they've designed are very effective and they continue to work to improve them at any rate. The way that the last 3 generations of iPhones work, in terms of hardware design, is meaningfully different when it comes to security than the way that the iPhone in question does. (It's an iPhone 5C which, in terms of hardware tech, is the equivalent of an iPhone 5. The iPhone 5S brought a change in security measures and there's been 2 new generations since then.) Further, the technique that may have been used to gain access to the information on this iPhone would still only work (practically speaking) because a simple lock password was chosen. If someone really wanted to make sure the information on their phone was secure (or considerably more secure), they could use a complex lock password - one with more than 4 digits and which used alphanumeric characters. That would be less convenient, but if security is a priority then it might be worth it. And with the newer iPhones, it wouldn't even be that much less convenient as you could use Touch ID instead of entering the (complex) lock password most of the time.
The bottom line though is that, yes, the security arms race continues... and at a fevered pace. The good guys - regardless of what happened in this situation - will have to continue to work diligently to stay ahead of the bad guys.
Tilted
..
I suspect they were able to get in. With that model iPhone and enough effort it should be possible (and it might be possible with any device).
But your point about questioning everything they say is a valid one. They have, I think it's pretty clear at this point, but less than forthright in this situation - both when it comes to the details of the situation and their intention. The good news is that, at least for now, they lost. We should make no mistake, this development and the way the government has handled it amounts to a concession on the government's part. They didn't get what they wanted; they weren't able to bully their way into it. Big picture, this episode may help lead to success (form their perspective) down the road. But when it comes to this particular situation the government was stood up to and backed down, its expected efforts to frame the outcome differently notwithstanding.
Tilted
..
the Gov would issue a FALSE Press Release
Well, a false court filing (rather than just a press release)...
But, as I've suggested, I don't think this court filing (or more generally the claim that they were able to gain access to the information on this iPhone) was false.
Why the arms race between the FBI and Apple is only getting started
The bureau in recent years has launched a recruiting blitz to attract employees with cyber expertise, and the National Science Foundation has even made scholarship money available to students who study cybersecurity and later work in government. But former FBI officials said the bureau will always face an uphill battle against private firms, which can offer much more money, a less rigorous code of conduct and more opportunities to do creative work.
Ernest Hilbert, a former FBI special agent focusing on cybercrimes, said the bureau had lost tech talent in recent years. “The most an agent can make is 180K,” he said. “That’s like a starting salary in the private sector. You have a big push by private industry to pull out these individuals.”
That bureau officials were able to access Syed Rizwan Farook’s phone allows the government to avoid — at least for now — a showdown with Apple over the extent U.S. law compels the company to help in a criminal investigation.
FBI hacks iPhone: Does this make your phone less private?
The FBI is under no obligation to tell the public how it defeated Apple's security measures, but the agency could be required to tell the company if the government exploited a defect in the company's security protocols in order to gain access.
The policy that governs such disclosures is known as the "Vulnerabilities Equities Process," according to Andrew Crocker, a staff attorney with the Electronic Frontier Foundation, a digital rights advocacy group. The EFF sued to make the 13-page policy public in 2014 and won access to the document earlier this year.
Crocker said the policy is weighted toward disclosure, but the government has successfully fought to keep such details secret before.
The bureau in recent years has launched a recruiting blitz to attract employees with cyber expertise, and the National Science Foundation has even made scholarship money available to students who study cybersecurity and later work in government. But former FBI officials said the bureau will always face an uphill battle against private firms, which can offer much more money, a less rigorous code of conduct and more opportunities to do creative work.
Ernest Hilbert, a former FBI special agent focusing on cybercrimes, said the bureau had lost tech talent in recent years. “The most an agent can make is 180K,” he said. “That’s like a starting salary in the private sector. You have a big push by private industry to pull out these individuals.”
That bureau officials were able to access Syed Rizwan Farook’s phone allows the government to avoid — at least for now — a showdown with Apple over the extent U.S. law compels the company to help in a criminal investigation.
FBI hacks iPhone: Does this make your phone less private?
The FBI is under no obligation to tell the public how it defeated Apple's security measures, but the agency could be required to tell the company if the government exploited a defect in the company's security protocols in order to gain access.
The policy that governs such disclosures is known as the "Vulnerabilities Equities Process," according to Andrew Crocker, a staff attorney with the Electronic Frontier Foundation, a digital rights advocacy group. The EFF sued to make the 13-page policy public in 2014 and won access to the document earlier this year.
Crocker said the policy is weighted toward disclosure, but the government has successfully fought to keep such details secret before.
Tilted
..
FBI Director Comey seems to have confirmed what I suggested might be the case: The technique used to gain access to the information on this iPhone won't work for newer iPhones. The iPhone 5C is about 3-1/2 years old tech-wise, at least when it comes to certain security measures built into it.
FBI director: We bought 'a tool' to hack terrorist's iPhone
FBI director: We bought 'a tool' to hack terrorist's iPhone
US fight goes on with Apple over iPhone access
In the New York case, Justice Department lawyers told US District Court Judge Margo Brodie in a written filing that "the government continues to require Apple's assistance in accessing the data that it is authorized to search by warrant."
Apple lawyers said they were disappointed by what amounted to an appeal by the government, arguing anew that it was an attempt to set a troubling legal precedent and not really a pursuit of vital information for fighting crime.
In the New York case, the accused drug trafficker confessed and is set to be sentenced, Apple attorneys said. Apple is being asked to extract data from an iPhone for sentencing purposes.
In the New York case, Justice Department lawyers told US District Court Judge Margo Brodie in a written filing that "the government continues to require Apple's assistance in accessing the data that it is authorized to search by warrant."
Apple lawyers said they were disappointed by what amounted to an appeal by the government, arguing anew that it was an attempt to set a troubling legal precedent and not really a pursuit of vital information for fighting crime.
In the New York case, the accused drug trafficker confessed and is set to be sentenced, Apple attorneys said. Apple is being asked to extract data from an iPhone for sentencing purposes.
Hijinx
Well-Known Member
Wonder what they got for that 1.3 million? Probably wasn't worth a quarter.
Lurk
Happy Creepy Ass Cracka
Turns out the FBI got nothing once the hackers opened the phones. The terrorist mooselimbs destroyed their personal sale foams before the attack so suspect that's where the terrorist mooselimp stuff was stashed.
LibertyBeacon
Unto dust we shall return
That would be the best possible outcome.
Tilted
..
They got to avoid very publicly losing a legal fight. They also got to pretend that they hadn't been lying all along about their motivations.
And from the way Director Comey said it, I think the cost may have been well in excess of $1.3 million - $2 million, $10 million, who knows? But $1.3 million is just what the math says the minimum would be based on what he seemed to be saying.
This_person
Well-Known Member
And, by not losing the legal battle, the answer is still grey instead of decided-law, and therefore they can still act with plausible allowance in the way they wish to. Which goes to the fact that their motivations were likely very different from their stated motivations (you think they will ONLY do this one phone?).
Meanwhile, there's a reasonable likelihood they are simply lying that they got in, which means they avoid the situation where they have to admit that they can't look in a phone when they want to, keeping the people who wish to conduct illegal activity concerned about how/where/when they store information.
Chris0nllyn
Well-Known Member
Now that the NSA has been hacked, I guess it's a good thing the FBI lost this fight.
Chris0nllyn
Well-Known Member
Update:
Apparently, the FBI was intentionally dragging its feet in order to set a precedent of forcing tech companies to lower encryption standards for law enforcement.
A reminder that during this time, Trump called for a boycott of Apple, Rubio and Cruz said Apple should have cooperated with the FBI, and Feinstein and Burr tried creating a bill that would require tech companies to follow the demands of law enforcement and weaken encryption.
Apparently, the FBI was intentionally dragging its feet in order to set a precedent of forcing tech companies to lower encryption standards for law enforcement.
https://oig.justice.gov/reports/2018/o1803.pdf
A reminder that during this time, Trump called for a boycott of Apple, Rubio and Cruz said Apple should have cooperated with the FBI, and Feinstein and Burr tried creating a bill that would require tech companies to follow the demands of law enforcement and weaken encryption.